PGP Ruled as Relevant For Criminal Case 675
waytoomuchcoffee writes "A Minnesota appeals unamimously ruled in a child porn case that "the existence of an encryption program" on the defendants computer could be admitted as evidence of criminal intent. The article doesn't mention if this can be taken into account for sentencing too."
Encryption use != evil (Score:5, Insightful)
I find this very disturbing based on the attitude people have regarding encryption. It's seen in such a negative way as if everyone who uses encryption as evil. Let me put it this way:
ENCRYPTION != EVIL
I use this for my day to day communications. Either over IM, E-Mail or moving things from server to server (GPG, then sending the file via FTP etc.). How do we help the public to understand that just because someone wants to keep something secret, even under a mass of public scrutiny, it does not constitute someone breaking the law! I have a TON of letters to and from my girlfriend that are encrypted, that she herself does as well!
I'm not saying the guy accused of the crime shouldn't produce keys, he obviously was doing something totally heinous by photographing a 9 year old in sexual position, and then those pictures destroyed. Predators of this nature are f-ing sick creatures that need some bad rehabilitation.
My point is the attitude of the people. Admission of the fact that he had PGP on his computer shouldn't be a condemning factor of his behavior and should be based on his crimes. NOT THE FACILITATOR, MEANS, TOOL (Physical or otherwise) OR SOFTWARE to commit such crimes. He was using perfectly legal encryption utilities and software.
Just because they were for hiding his crimes/pictures should NOT be a factor in his punishment. What kind of precedent would the judge be inadvertently (or purposely??) placing on the use and ownership of encryption and the tools to do such?
~zoloto
Re:Encryption use != evil (Score:5, Insightful)
We don't even know that much. All that was reported is that he had PGP installed, not that he had any encrypted pictures.
I wonder why the EFF wasn't mentioned.
I use PGP for clients's data myself.
Hey, if posession is a problem, what about all those recent Windows versions with EFS preinstalled?
Re:Encryption use != evil (Score:5, Insightful)
This ruling is really really evil. It could be extended to "Having nmap and ethereal installed on your computer is evidence of criminal intent of to crack systems."
Re:Encryption use != evil (Score:5, Interesting)
It also depends on whether he was using PGP to encrypt just his email or his HD, since newer vesions can do either. Personally I don't think he should have to produce the keys either way, but there is a difference. If he was just using PGP for email then it should be entirely irrelevant, since obviously no nine year old girl is going to have PGP on her email (or at least any 9yo girl who does should be smart enough not to hang around pedophiles).
Re:Encryption use != evil (Score:5, Insightful)
How 'bout the other child pornographers that he's likely sharing the pictures with? Oh, yea. Them. They'd probably also be using PGP, as I doubt they'd want their email sniffed/syphoned off and read in an unencrypted fashion.
And the last remark is uncalled for. Those children subjected to the whims of the pedeophiles might have no idea what they're doing, or they might be bullied, forced, coerced into doing so. How do you know? Maybe the pedophile is related to them?
Re:Encryption use != evil (Score:4, Funny)
Re:Encryption use != evil (Score:5, Interesting)
Re:Encryption use != evil (Score:5, Insightful)
Person: No. I didn't.
FBI: Then how do you explain this encryption software on your computer. You obviously have something to hide.
Person: No. And if I did, that would be none of your business
FBI to jury: Yup. He's guilty.
You might as well say that "The fact he knew that what he was doing was wrong was supported by the fact that he didn't tell anyone about it." A right to privacy should be guaranteed. I shouldn't have to defend my use of tools which help ensure my privacy
Re:Encryption use != evil (Score:3, Interesting)
If all your documents are encrypted, or at least many documents that aren't related to a crime, there's no implication that you're hiding something in particular. Then you can make the "I didn't know" argument.
Re:Encryption use != evil (Score:4, Insightful)
The particular reason for encrypting certain documents may be so that your little sister won't read your diary. You don't care if she reads your term paper, so it isn't encrypted. There is nothing wrong, morally or legally, with the content of the encrypted documents. You simply want them to remain private. It is perfectly okay to keep documents or correspondence you don't want the world to read while at the same time keeping stuff you don't mind others seeing.
TFA doesn't say that the man used encryption to cover up illegal activity, but that the very existence of PGP itself indicated criminal intent, which is ludicrous.
Re:Encryption use != evil (Score:3, Interesting)
Re:Encryption use != evil (Score:5, Insightful)
I do encrypt things like bank records, sensitive databases, private letters, etc.
Of course, it's easier to just encrypt your whole $HOME directory. Put it on an encrypted partition. Then you can say, "I keep all of my data encrypted so my identity can't be stolen, so people can't poke into my private life, etc."
Maybe in fact I *should* encrypt my homework. At the university of delaware, the policy is, if someone cheats off of you, both them and you get in trouble. If I leave my laptop unguarded for a moment someone else in my class scp's the data to his computer, I'll get in trouble for it, when I've really done nothing wrong**. In that case, an encrypted $HOME directory would be useless, since if you're logged in, the whole directory would be unencrypted.
(** = Some may argue I should not leave my laptop unattended. Why? How about this---you leave your car parked unattended in your driveway, so it's okay for me to just walk up and take the engine out? Just because something's unattended doesn't make it OK to tinker with!)
After I had my laptop stolen, I lock it down more (Score:5, Informative)
Revoking SSH keys took as much time as killing card info, There is so many places sensititive data could end up (like your bank login/card info), such as
-hibernate file
-pagefile
-browser password store
-browser page cache
-directory where I save PDF shopping receipts
-mailbox
Now I lock a lot of the system down. Not just my home dir
-temp
-browser cache
-various program directories.
This is win32, where the EFS stuff doesnt encrypt filenames, just the contents. Its known that EFS is breakable (just reset the login password or something), but to make it harder
1. laptop needs a bios password.
2. that password is also used to enable the HDD
3. My winnt EFS private key is stored in the laptop TPM module.
#3 is interesting. I know TPM is associated with 'evil-DRM-Trusted-computing-stuff', but I use it as an unbreakable store of my sensitive keys. If what the inventors say is true (I work with some of them), you'd have to be a stronly motivate government to stand a chance of getting stuff off the TPM, so implicitly, off this hard disk.
Does this make me a criminal? I dont think so. The police told me off for not bios-locking my last box. Their view is the less usable stolen laptops are, the less valuable they are, so theft reduces all round. It is every laptop owner's duty to lock down their boxes so nobody can get at them!
Re:After I had my laptop stolen, I lock it down mo (Score:3, Insightful)
If your work with the inventors, you should know one thing. It is not trusted computing that is seen as inherently unsafe or "bad". That is the (IMHO VERY harmful) anti-tcpa p
Re:Encryption use != evil (Score:3, Insightful)
No, but if it was a crime, the fact that you encrypted them goes a long way towards showing that you knew it was illegal.
Re:Encryption use != evil (Score:3, Insightful)
All Linux users therefore have criminal intents.
At least in Minnesota.
And at the rate the US exports its legislation, I might as well start learning Windows now before the men in black come knocking...
Re:Encryption use != evil (Score:4, Insightful)
FBI: You Tried to launder money to the Soviets, didn't you?
Person: No. I didn't.
FBI: We caught you exchanging money with operatives in soviet russia.
Person: Uh . .
FBI: We also found this encryption software on your computer. You are likely to have something to hide.
Person: No. And if I did, that would be none of your business
FBI to jury: Yup. He's guilty.
Re:Encryption use != evil (Score:3, Interesting)
FBI: You Tried to launder money to the Soviets, didn't you?
Person: No. I didn't.
FBI: We caught you exchanging money with operatives in soviet russia.
Person: When?
FBI: You know when.
Person: I do?
FBI: Just answer the question.
Person: What question?
FBI: Uh. Encryption! You have encryption software on your computer, don't you?
Person: Yep.
FBI: So, you have something to hide.
Person: Sure, my credit card numbers that I use on line,
Re:Encryption use != evil (Score:3, Insightful)
FBI: You Tried to launder money to the Soviets, didn't you?
Person: No. I didn't.
FBI: We caught you exchanging money with operatives in soviet russia.
Person: I didn't know that was wrong.
FBI: We found encryption software and encrypted files on your computer from the same time we caught you exchanging money with the soviets. You knew it was wrong.
Person: Encryption is irrelevant to this case!
Re:Encryption use != evil (Score:3, Funny)
FBI: You Tried to launder money to the Soviets, didn't you?
Person: No. I didn't.
FBI: We caught you exchanging money with operatives in soviet russia.
Person: When?
FBI: You know when.
Person: I do?
FBI: Just answer the question.
Person: What question?
FBI: Uh. Encryption! You have encryption software on your computer, don't you?
Person: Yep.
FBI: So, you have something to hide.
Person: Sure, my credit card numbers that I use on line, per
Re:Encryption use != evil (Score:5, Insightful)
Applying it back to the case at hand: it's legal to use encryption software. It's illegal to possess child pornography. A way to hide child pornography is to encrypt the child pornography. If the only information you have is that a person uses encryption software, there is no way you can prove that the person possesses child pornography. However, if you have other evidence that a person possesses child pornography, the information that the person uses encryption software becomes relevant, in that it provides a legitimate explanation of why the offending material cannot be found.
IANAL, so I don't know if this line of reasoning is a valid legal argument, but this was how I understood the comparison the GP post was trying to make. I'm not awake enough to decide if I personally think this should be valid or not...
Re:Encryption use != evil (Score:3, Informative)
Should be, but it's not. Read the bill of rights. "Right to privacy" is not one of them. Privacy is a privilage.
That said, it is pretty silly that having encrytpion applications constitutes criminal intent. Encryption is built into OSX, and hell, I even use it for my home directory. Does that mean I have criminal intent? No! I simply don't want whoever steals my laptop to be able to access my stored passwords and such.
Re:Encryption use != evil (Score:5, Informative)
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated... (and so on...)
Has a privacy ring to it.... It's a right. If you want to keep something to yourself... this particular amendment provides a mechanism for which you are able to do that. Granted, it is not specifically stated "privacy", but applying the reasonable man test, you can see where privacy is upheld over public scrutiny. When privacy needs to be violated, it requires more work than just "LET ME SEE YOUR STUFF."
Which, if our courts weren't so broken, judicial review would toss out the "sneak and peek" provisions of the Patriot Act faster than you can say "Amendment IV".
Re:Encryption use != evil (Score:3, Insightful)
Locking your doors is a normal and irrelevant thing-- just like encrypting your data before your send it through the internet.
If all he had on his computer was a web browser with HTTPS, that'd be true. But he had PGP, which isn't very common at all. Should we trust a jury to make the right decision when given this evidence (along with presumably a defense showing just how many other reasons he could have had PGP)? I really don't know. I suppose it depends in part on how strongly the defense objected
Re:Encryption use != evil (Score:3, Informative)
Sigh. My headline as entered was PGP ruled as "evidence of criminal intent"
Re:Encryption use != evil (Score:5, Insightful)
Consider the following analogy: I murder someone on the street and flee in a red car. An eyewitness can't identify me but testifies that they saw a red car speeding away. The state introduces my auto title showing that my car was red.
The fact that I own a red car is admitted into evidence! But not because owning a red car is itself proof of guilt! Rather, it's because it's relevant to the state's case, as evidence of a plan or simply the means of execution.
Thus, Slashdot is right - the court found it "relevant" - and TFA is wrong - encryption is not itself evidence of criminal intent.
Re:Encryption use != evil (Score:5, Interesting)
Why is this relevant? Well, if he is using encryption, and they ask him for his key to decrypt the files, I'd say that would be him testifying against himself. Along those same lines, if he refuses to give the key (because he has the right NOT to incriminate himself), they are basically saying "Hey, we don't need the key, because he wouldn't be hiding anything if he had nothing to hide, so he must be guilty!"
This really represents a failure on the part of the judge. The only thing encryption represents is an unknown: not intent, not a particular set of data. You might as well hand they police a blank drive and infer from that "He must have erased it, and he wouldn't have done that unless he was guilty!"
Re:Encryption use != evil (Score:5, Insightful)
Not true. If the state is attempting to prosecute me, I have every reason to just keep my mouth shut. There is absolutely nothing I can say to them (as opposed to my own lawyer) that will improve my situation. The default position should be to take the fifth.
Re:Encryption use != evil (Score:5, Interesting)
The fact that he knew that what he was doing was wrong was supported by the fact that he tried to hide it.
And if you had read the article carefully, you would have noticed that there's no evidence he tried to hide the files. From the article:
Using your analogy it's more like they found an empty bargain-bin safe at the house, and used that as evidence against him. "The man had a SAFE! Only criminals have safes!". As far as comparing PGP to a "industrial strength safe", well that might be a good comparison.. if all safes were industrial strength and given away very cheap or free.
Re:Encryption use != evil (Score:3, Insightful)
Encryption use != Criminal Intent (Score:3, Insightful)
Re:Encryption use != evil (Score:3, Interesting)
-nB
Classic "You must be hiding something" syndrome (Score:3, Insightful)
Some of us like this little thing called PRIVACY. It's something that you get less and less of these days and it's only going to get worse. RFID national ID cards, bias against encryption, tracking databases, no travel without ID..
The excuse is always "If you're not hiding anything you don't have anything to worry about." I don't know what these people are afraid of. Why can't I go about my life without being tracked? Why is it a bad thing that I want to encrypt my
Re:Classic "You must be hiding something" syndrome (Score:3, Insightful)
"Anyone who brings up the 'You must be hiding something if you encrypt' argument in a discussion automatically loses."?
Because there should be.
Re:Classic "You must be hiding something" syndrome (Score:3, Interesting)
The Executive and Legislative are completely corrupt.
Re:Encryption use != evil (Score:5, Informative)
The Prosecutor would likely argue that the existence of the encryption software demonstrates that the defendant knew that what he was doing was wrong and that he was trying to hide damning evidence. Hiding evidence against you is frowned on. If you know evidence could be used against you and then go about destroying it, in certain situations the court is entitled to instruct the jury to presume that the destroyed evidence would be harmful to your case.
Now, encrypted evidence may not be literally destroyed, but it is as good as destroyed as long as it remains encrypted. It's kind of like a shredded document -- although it is conceivable that it could be reassembled, if it is mixed with enough random material, reassembly is all but impossible.
Anyway, I don't see this as a suggestion that encryption is bad per se. I see it as an extension of basic evidence rules -- if there is other evidence suggesting you have bad files and you have intentionally made those file unreadable, the tools you used to do that are possibly relevant. Kind of like pointing out the defendant owned a shredder, there was huge pile of shredded paper by it, and the "smoking gun" documents are no where to be found.
Last, it doesn't exactly sound like PGP was a "factor in his punishment". Rather, it sounds like it was a factor in his conviction. If the court had ruled that the evidence was inadmissible, then a new trial might have been ordered. This would require a finding that the irrelevant evidence was prejudicial enough that it could have formed a basis for the conviction. If the error was not considered substantial, then no new trial would have been ordered. Obviously, one never reaches the punishment phase without conviction, but I didn't read anything that suggested the punishment was more severe by virtue of the PGP software (kind of like a firearm enhancement).
I don't think this message helps though (Score:3, Interesting)
OK, agreed.
But I wouldn't necessary put it that way if I needed to make a point. Even if you get somebody to agree with you, it doesn't necessarily help them draw more accurate inferences. Indeed their inferences might still differe hardly from if they thought it was evil. The point here is that they were instructed to consider encryption as evidence. Well, OK, but how to they weight that evidence? Bayes therem says: P(A|B) = P(B|A)*P(A)/P(B).
People have a kind of rough intuitive unde
Re:Encryption use != evil (Score:5, Insightful)
"We find that evidence of appellant's bookshelf use and the existence of books in his house was at least somewhat relevant to the state's case against him"
If there is anything more ridiculous than blaming the weapon for the act of the person, I'm sure I can't think of it offhand.
The perv did the act, and the perv should get the attention. What he or she did it with has absolutely no bearing on the case -- but you can bet dollars to donuts that some moron is going to be all about banning PGP now because it "contributes to the child porn/perv problem."
There. Now I've used my brain.
Happy now?
Re:Encryption use != evil (Score:3, Insightful)
And so it would be, because it directly corroborates the state's theory of the case! It may not be highly probabative as to guilt - but it is in fact relevant, because it strengthens, however incrementally, the state's interpretation of the facts.
Re:Encryption use != evil (Score:4, Insightful)
The only valid issue should be, child porn, or no child porn. Not encryption. Did the defendant have some, or not? Did they produce some, or not? Did they distribute some, or not? If you have to point to the fact that the defendant has a means to hide information in the course of trying to villify them for creating, possession, or distribution of child porn, then you and your case suck, just as bad as the laws that allow you to bring such complete and utter irrelevancy into the courtroom do. Hopefully that was clear enough, precise legal terminology aside.
The reason that smart people are upset about this is that encryption technology stands a risk of being tarred by the same brush that society is using to paint your basic perv, and that brush is already dangerously out of hand.
And they are absolutely right. That could happen.
Re:Encryption use != evil (Score:3, Insightful)
State > "You have kiddie porn on your PC"
Defendent > "It's not mine! I got from surfing the web, and accidently clicked a link"
State > "If it was an accident, why did you encrypt it and archive it, instead of erasing it? Hmm? Hmmm? HMMM?"
Defendent > "Damn"
The presence of an encryption program (in this case, PGP) merely contributes that the defendent KNOWNINGLY did somethin illegal (by trying to hid his trail), and it wasn't a mere accident.
Re:Encryption use != evil (Score:4, Insightful)
If he *had* encrypted files, then they'd have evidence to show for it - a virtual "locked safe", which at the very least arouses suspicion. Just having a safe with nothing in it implies nothing.
I think, apart from ignorance of the prevalence of encryption technologies in computers, the judge is conflating cryptology with steganography. Encrypting the files would make them more obvious, and couldn't account for the fact that they are not to be found.
It's my opinion that the prosecution are encouraging this confusion in an attempt to vilify the defendant, to gloss over that fact that their only other evidence is the word of a nine-year-old girl. If there is more to the case I'd be interested to find out what, but the articles I have read do not reveal much:
http://www.corante.com/importance/archives/2005/0
http://techdirt.com/articles/20050524/1639237_F.s
Re:Encryption use != evil (Score:3, Insightful)
Even if there were files found, a simple re-reading of your argument clearly points out the fallacy. The existence of the *encrypted kiddie porn* is the evidence, not the existence of software which m
Re:Encryption use != evil (Score:3, Insightful)
This is what's so frightening about the legal system.
I'm a fairly stand-up guy, I try to do what's right and just go about my life. But all it would take is one 9 year old to say I was a child pornographer and I'd be locked up without a key in the mind of the public - with judges that will allow such ridicul
Re:Encryption use != evil (Score:3, Insightful)
If perv had bookshelf, and had hid the pictures of a 9yo girl/boy with legs akimbo in said bookshelf it would be a damn sight more relevant than the fact that he had PGP installed on his PC. There is no suggestion that encrypted files were found so this is not the damning piece of evidence you paranoid little sunlight dodgers think it is.
Basically this sicko pervert kiddie fiddler was caught with a whole load of evidence proving
Brain use == evil (Score:4, Insightful)
Oh, no! Using a brain is a crime by itself in modern advertisment-based society.
Read Fahrenheit 451 or many other stories by American SF writers. They warn you 50 years ago that this would end with that - having encyption software is a crime, having gun is a crime, thinking independently is a crime too.
Good. Encryption is a tool too (Score:3, Insightful)
Just like the presence of a gun during a robbery lifts the crime to armed robbery, the presence of encryption ought to imply not only that the culprit intended to commit the crime but also intended to cover it up as well.
Well, analogies can get you into trouble (Score:5, Interesting)
Well, if I use a gun in a robbery, that makes it armed robbery. But if I own a gun that is not used in the robber (say it's locked in a safe at home) does any robbery I undertake automatically become armed robbery? I mean, don't you think there should be evidence that I actually used the gun in the robbery?
That said, this isn't what the court decision is about. It isn't saying he is guilty because he has encryption software. It's saying the jury can consider that as evidence.
Mathematically, it is true that the significance of a fact depends on context. Thus something which in isolation doesn't mean much can become significant when joined to other facts. However, some things are so commonplace that you can't fit them into anyt kind of logical structure that will help you make a conclusion.
You might as well say that bank robbers wear shoes and the accused owns several pair.
Fortunately with the other evidence against him, I doubt this spurious instruction had any effect.
Re:Good. Encryption is a tool too (Score:5, Insightful)
I see what you're saying...but there are several flaws in this reasoning, both theoretical and practical.
(And for the record, when it comes to child pornographers, there can be no punishment too severe.)
Not a good result, even if it was child porn (Score:3, Insightful)
But that doesn't mean the presence of encryption tools meant he was guilty. Encryption tools have many uses, some of which are good - like authentication and assurance of confidentiality. It's great to have encryption tools like PGP when you're sending an email to your broker that you want to issue a stock trade from your investments account. Or to be reasonably assured that discussing a prototype / secret business proposal will not be intercepted.
Encryption is merely a tool, to be used for both good and evil. A mail envelope can contain mail, or it can contain anthrax. An encrypted document could be a plot by terrorists, or it could be just any other email.
Re:Not a good result, even if it was child porn (Score:3, Insightful)
I would like to believe that MOST of the reasons for encryption use is good. Let's not outweigh the frequency of "wrong" uses with the actual numbers of good reasons.
Real national security issues.
Business uses.
Classified government files (fbi, cia, nsa etc)
Personal uses that are not illegal
vs. covering up crimes or crimes in progress
That's my arguement anyhow.
Actually... (Score:3, Informative)
One time a few years back I was given a ticket for speeding in California. I live in Arizona, and was returning from visiting a relative when I got the ticket. I was plainly in the wrong (I was speeding on the highway - however, it was one of those long lonely stretches in the desert between Yuma, AZ and BFE, California, with no other cars in sight - well, at least until I hit the speed trap under the overpass, of course) - but during
can anyone say... (Score:3, Interesting)
5th Amendment violation? (Score:5, Interesting)
As a side note, with that earlier /. article [slashdot.org] about the MS guy saying to write your passwords down, is encrypting my password list an act with criminal intent?
Re:5th Amendment violation? (Score:3, Informative)
Awesome. (Score:5, Insightful)
Good citizens have nothing to hide, after all. Why don't we just ban encryption entirely? And we'll install the cameras here and here...
Seriously...
I'm not totally familiar with what this means legally, but I know it's a bad thing. And a reason for every OS to include it by default, PRONTO!
If this stands up, privacy will take a beating.
c'mon stupids (Score:3, Informative)
He already committed the f'ing crime.
Levie's conviction was based on the in-person testimony of the girl who said she was paid to pose nude, coupled with the history of searches for "Lolitas" in Levie's Web browser.
The guy wasn't convicted because of the crypto. It's like finding the dead body... and then finding the shovel, the canvas bag, etc.
Re:c'mon stupids (Score:3, Insightful)
Porn bad. PGP good. (Score:5, Insightful)
The encryption software here is treated in the same manner as an item such as a large bag would be treated in a shoplifting case. That is, if you go into a store, see something you like, grab it, and run, the court would likely view that as something that you did at the spur of the moment, without putting much forethought into it. The crime, while still very much a crime, would likely be treated as a stupid action you took because you didn't stop to think if it was right or wrong, and the sentence would likely be applied with some leniency. In such a case, assuming the item costs less than $400.00, the crime would be treated as a misdemeanor. On the other hand, if you had entered the store with an unnecessarily large bag that is mostly empty, this might, in the eyes of the court, show that you had planned to shoplift from the outset, and you would receive a much stiffer punishment. In this case, the crime would likely be treated as a felony, regardless of the item's value.
In much the same way, the court handling this pornography case is probably trying to determine under which of the statutes the aforementioned materials fall, and the presence of software used with the intent to traffic in such material, regardless of the software's generally accepted purpose, can allow the prosecution to go for a crime with stiffer penalties.
In other words, if you use PGP, don't worry, because it's not going to be outlawed. But if you're the guy in that pornography case, be afraid... be very afraid. Here in Soviet Russia, pornography encrypts YOU!
As an aside, one should not look at pornography, because it can have an adverse effect on future relationships that you might have.
Re:Porn bad. PGP good. (Score:3, Funny)
I thought we just shouldn't look at it for fear of making baby Jesus cry?
Re:Porn bad. PGP good. (Score:5, Insightful)
There are so many other legal uses of encryption software that a ruling like this should always be considered very dangerous. It is not his use of the software to encrypt photos that is being used, because they have no evidence of that. It is the mere presence of the software, implying that its only possible use on his computer would be for criminal intent. That is the bad part.
Re:Porn bad. PGP good. (Score:3, Informative)
That aside, I still think it sets a dangerous precedent. Having a gun in your house surely does not mean you premeditated that murder in self-defense when you got burgled?
-Lars
I find such associations bad anyway (Score:3, Interesting)
So basically if someone decided to accuse me of shoplifting, that bag -- even if not used at the time -- would suddenly be criminal intent. Seems bloody stupid to me.
E.g., back in college I did have half of my hard drive encrypted -- and that was before the OS itself came with encryption --
Locks and Keys (Score:4, Interesting)
Logic, people, logic!
Hmm (Score:4, Interesting)
Keys and Passwords (Score:3, Interesting)
Why on earth did the court rule that the mere existence on this criminal's systems constituted criminal action?* Why didn't they ask for keys as part of the trial and find out what he had encrypted? All this does is punish us in the tech world by alluding to the use of cryptography as a criminal action.
*And yes, this guy certainly deserves what he had coming, but don't punish me for his actions...
what else is there to say? (Score:3, Interesting)
The charge of forgery was dropped... (Score:5, Funny)
From the decision itself: (Score:5, Informative)
This appears to be the only discussion of the encryption issue:
The entire case is available at http://www.lawlibrary.state.mn.us/archive/ctappub/ 0505/opa040381-0503.htm [state.mn.us]
BS on CNET (Score:5, Insightful)
"We find that evidence of appellant's Internet use and the existence of an encryption program on his computer was at least somewhat relevant to the state's case against him," Judge R.A. Randall wrote in an opinion dated May 3.
He did not say the encryption program was evidence of guilt.
To say otherwise is tabloid "journalism."
Re:BS on CNET (Score:4, Interesting)
The appeals judges let this stand, saying in effect that a trial judge has to screw up bigtime before they'll undo that judge's decision, and that in their opinion the trial judge did have a leg to stand on.
Not hardly. (Score:3, Interesting)
And in other news... (Score:5, Funny)
Police were first alerted to Fritz's activities when he dialed 911 to report a burglary in progress at his home in Elmwood drive.
On arriving at the scene, police observed that the doors to Fritz's house were locked and that the intruder had been forced to break a window to gain entry.
After aprehending and speaking with the intruder, police decided not to arrest him, relying on his promise not to re-offend.
Fritz *was* arrested however, on suspicion of being involved in a crime or crimes unknown. Prosecutors say they have a pretty strong case against him -- after all, if he had nothing to hide, why did he lock his doors and draw his curtains -- thus forcing the would-be burglar to break a window?
Film at eleven.
Case Closed (Score:3, Funny)
Did anybody read the article? (Score:3, Interesting)
Now, said sleazebag is trying to get a new trial because the prosecutor was allowed to bring up his use of PGP. I certainly agree that mere presence of PGP does not prove criminal intent; after all, I have a similar program (GPG) on this machine. But even if that evidence should not have been allowed, it is at most a trivial error that did not appear to affect the case.
RTFA! Is that so hard? (Score:3, Insightful)
Damn! It's like the RIAA making a patently absurd claim that just because one COULD use an iPod for storing illegally copied MP3s, therefore ALL iPod owners are using them to store illegally downloaded MP3s...
Oh, wait...
Relax (Score:4, Interesting)
This is a hail mary by the defense attorney that does nothing but put software on the same footing as other tools.
that's what happens (Score:3, Insightful)
How many Linux distros have gpg installed by default? Should we automatically be suspected as criminals?
How many PCs don't some form of encryption? Crypto includes browsers that support SSL... necessary for e-commerce. I'm sure that at least some of the judges have PCs and browsers. Should search warrants be obtained on this basis and their computers be checked for kiddie porn?
With respect to crypto, I personally use it to keep proprietary technology and business discussions private and to digitally sign documents. I also plan to continue to do so even if it makes Minnesota judges think I must be a criminal of some sort.
The court decision is... contemptible, but to be expected, it's from the same kind of ignorant people who voted the DMCA into law.
The most charitable thing I can say is that a great many people's brains shut down immediately if the subject of child pornography comes up, and speculating as to why would. . . be very impolite.
Oh, this is just *swell*... (Score:5, Funny)
Therefore, in a rape case, this can be construed as criminal intent.
This is good news for all Slashdot users; now you are gong to have sex at least in the eyes of the law...
Furthermore, I normally keep my penis hidden in my pants, which obviously means I know that's wrong and am trying to hide it.
As a consequence, criminal intent could not be established for flashing pervs; they do not seem to be hiding anything, at least... so that's OK.
And to think I actually complain about Croatian judicial system, which is merely inefficient...
*This is not a latest discovery, nor bragging; I really do need that** to prove my point.
** Please stop that.
Re:Oh, this is just *swell*... (Score:3, Funny)
Objection: Hearsay.
Everybody said: I have nothing to hide (Score:3, Insightful)
Every time I hear that argument I almost explode in a rage and claim that at times the usage of encryption alone will be held evidence that you're a criminal.
These times start NOW.
And by the way, this is YOUR fault you lazy bum.
-jsl
Thats just crazy talk (Score:3, Interesting)
The great thing about computers is that they make finding and manipulating digital data a snap. The bad thing about computers is that they make find and manipulating digital data a snap. It's a double edged sword that is, at least partially, dulled by encryption and other security measures.
You use a computer to generate sensitive data because its easier and more powerful than traditional methods, but that doesn't mean that you automatically want to forego the security that is implicit in a paper and pen solution.
Does this mean that keeping your photo album in a 'locked' house is evidence of criminal intent?
Re:Oh come on (Score:4, Insightful)
This is one of those cases where use of a legal tool to aid or cover up a crime can absolutely be part of the case, and it is NOT an indictment of the tool.
Re:Oh come on (Score:5, Insightful)
No, I would say this is more like you killing someone with a knife and simultaneously having a bottle of bleach at home in the laundry room, and they have no evidence of you buying or using it for any other reason than doing the laundry, and yet it is somehow taken as "supporting evidence" that your crime was thought out in advance, with you having the bleach on hand specifically to clean up after the crime. Obviously the bleach could have been used to clean up some blood, so that must have been your intention in owning it.
Your mistake is in comparing this to a non-ordinary amount of bleach and suggesting they had some sort of evidence that you used the bleach to clean the blood off the walls. This encryption software is just an everyday, regular size, common bottle of bleach sitting in the laundry room, just like almost anyone would have in their home if they happen to have a laundry room. It indicates absolutely nothing. Thinking otherwise is an extremely dangerous logical fallacy. And it absolutely IS an indictment of the tool. Encryption software is not the logical equivalent of five gallons of bleach.
Re:Oh come on (Score:3, Insightful)
Encryption is merely a tool that this man used to commit his crimes. Should video cameras the defendant used not be admitted? Should video TAPES? What about any other equipment he used in the filming process? They clearly (I think you'll agree) should be admissible as evidence. Why not the fact that he went to great lengths to hide his creations? Encryption is JUST a TOOL. It's not magically special just because it's
Re:Oh come on (Score:3, Interesting)
A lot more than just XP... (Score:3, Funny)
On the other hand, he was convicted because a minor said he attempted to solicit her, and he had kiddie searches in his browser history. While the idea that having an encryption program can be seen as supporting evidence, I can understand why it would be relevant in this case. Encryption isn't a smoking gun, but it isn't as ubiquitou
Re:absolutely ridiculus (Score:3, Insightful)
If you built an underground cavern with a hidden door, security cameras, and multiple locks to hide the dead bodies from your killing rampage, the fact you spent all that time doing it should be evidence in the case of your intent.
This person is not being indicted for using crypto, his use of it is simply being used to show intent... wh
Re:absolutely ridiculus (Score:5, Insightful)
Because you, like most of the slashdotters arguing in favor of this ruling, apparently haven't read the fucking article. There is no evidence whatsoever that the man used encryption for ANYTHING AT ALL, much less hiding child porn. None. Nada. Zip.
It was present on his computer. That's it. It's also present on your computer if you use WinXP, Win2000, or have just about any distro of Linux. And we'll be sure to use it as 'evidence' of your intent to 'hide your crime' should we ever suspect you of doing anything illegal.
Max
Re:absolutely ridiculus (Score:3, Insightful)
And your still wrong.
Not only was there no indication that he encrypted porn, but there was no indication that he wiped anything either.
Had a wipe been done it would have been forensically OBVIOUS. The normal contents of 'empty' areas of a harddrive are miscelaneous file fragments, not systematically scrubbed sectors. Now assuming the police are not incompetent and they actually analyzed the harddrive, this means that the ha
Re:absolutely ridiculus (Score:3, Insightful)
Re:Any relationship to gun ownership? (Score:5, Insightful)
The unfortunate thing about encryption is that it's not as pervasive as it should be. Virtually everybody has a lock on their house, and only rarely are they trying to conceal a criminal act. Virtually everybody puts mail -- particularly sensitive mail -- in envelopes before sending it, and again this is to retain privacy rather than deter law enforcement. But encrypted files are uncommon and therefore draw attention, right or wrong.
This is another example of where our justice system has gone round the bend when it comes to understanding new (and not even -that- new) technology and its relation to currently accepted practices in other parts of life. Locksmithing tools are specific to that practice, but encryption tools are general purpose and not only legal but encouraged for use by average citizens to retain their privacy.
Horrible precedents are usually set over reprehensible crimes, when said crimes represent only the tinest portion of the larger picture. Hopefully that won't be the case here when everything shakes out, but I have a feeling encryption will be severely curtailed in years to come as average people become more familiar with it and it becomes harder for law enforcement to deal with.
Frequency should be irrelevant (Score:3, Insightful)
E.g., my parents have rented a box at a bank to keep their documents there. Their reasoning being that in case of a fire or burglary, might as well not lose those.
It's not a pervasive thing, and it _could_ theoretically be used to hide something illegal, but that's not what they use it for. And a prosecution line of reasoning along the lines of "if it's not pervasive, it shows criminal intent" would make
Re:Ah! How America leads the way. %) (Score:3, Funny)
That's not entirely a problem caused by the captchas, now is it?
Re:NSA could break PGP? (Score:3, Insightful)
Re:NSA could break PGP? (Score:3, Insightful)
Somewhere I hear Vadar saying, "I find your lack of faith disturbing..." ;-)
PGP uses a passphrase, right? What are the chances this guy's passphrase--now remember he's not only dumb enough to make and locally store child porn, but he doesn't even clear out his browser history--what are the chances his passphrase contains more than, say, 40 bits of entropy?
You don't have to break RSA or El Gamal or IDEA or Blowfish or whateverTF he was using...just g
Re:NSA could break PGP? (Score:3, Informative)
Huh? From what I read there was no child porn on his computer and no encrypted files.
-
Re:Wow, that's scary (Score:3, Funny)
A lawyer is sitting in a bar having a drink when a beautiful women sits down next to him. The lawyer seeing oppurtunity buys the women a beer and proceeds to hit on her. He then asks her, "Would you sleep with me for a million dollars?"
The women looks at him and says, "You know for a million dollars, sure."
The Lawyer then asks, "Would you sleep with me for 20 dollars?"
The women is instantly upset and yells, "Twenty dollars, what do you think I am some kind of whore?!"
The law
Re:great.... (Score:3, Informative)
Re:Hand me the lubricant... (Score:3, Insightful)
He didn't say NSA could break it, he claimed that no one "other than the NSA" could break it. Whether the NSA could break it or not was left unspecified. If I say that NSA can break DES, how am I guilty of divulging classified information? I deduce the information on the basis that NSA isn't incompetent and that DES has been broken by others for quite some time now.